Apple's macOS Catalina is first to require app notarization by default

Posted in General Discussion, edited June 2019
Apps that have not passed through Apple's software security process will be prevented from running on macOS Catalina by an updated version of Gatekeeper.




Developers intending to support the forthcoming macOS Catalina must submit their apps to Apple's notarizing security process or they will not run.

The new measure extends the existing Gatekeeper process, under which submitting apps for notarization was optional for developers. Apple says the requirement is designed to ensure downloaded software is from the source users believe it is.

"Mac apps, installer packages, and kernel extensions that are signed with Developer ID must also be notarized by Apple in order to run on macOS Catalina," said the company in a new developer page. "This will help give users more confidence that the software they download and run, no matter where they get it from, is not malware by showing a more streamlined Gatekeeper interface."

The process involves a registered developer sending Apple their software, which is automatically scanned to look for malicious code and other potential security issues. It's intended for developers who distribute their apps outside of the Mac App Store. Apps within the store already go through similar security procedures.

The Notarized Apps feature was first announced as an option at 2018's WWDC, but Apple has been working to make it mandatory.

The new macOS Catalina was announced at the 2019 WWDC and beta versions of the software have already been made available to developers.

Comments

  • Reply 1 of 35
    pigybank Posts: 178 member
    I hope there’s a way to manually override it.  I don’t want Apple deciding what I can or cannot run on my Mac. 
  • Reply 2 of 35
    eightzero Posts: 3,063 member
    Court filings in 3...2...1...
  • Reply 3 of 35
    netrox Posts: 1,421 member
    Hopefully there's a way for us power users to override it as we can with the current one.
  • Reply 4 of 35
    eightzero said:
    Court filings in 3...2...1...

    Apple doesn't force you to run MacOS on their hardware, nor do they prevent you from running alternatives.

    They also don't force you to run only the newest version of macOS either

    Plus, the whole notarization process is more like a cloud-based antivirus than App Store approval

    https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution
    edited June 2019
  • Reply 5 of 35
    yuck9 Posts: 112 member
    Beginning in macOS 10.14.5, all new or updated kernel extensions and all software from developers new to distributing with Developer ID must be notarized in order to run. Beginning in macOS 10.15, notarization is required by default for all software.
  • Reply 6 of 35
    davgreg Posts: 1,037 member
    Although I know this will break some older SW that I have, it seems like the prudent thing to do.
  • Reply 7 of 35
    pigybank said:
    I hope there’s a way to manually override it.  I don’t want Apple deciding what I can or cannot run on my Mac. 
    The article explains that notarization means that if developer X makes an app that you want to install, that your Mac will verify that the app you are installing is indeed from developer X..

    So, your reaction to that is 'I hope I can override it'... i.o.w. you want to be able to install an app that pretends it is from developer X but in fact isn't?  Yeah, I can definitely see how that would be useful..

    ¯\_(ツ)_/¯ 
  • Reply 8 of 35
    eightzero Posts: 3,063 member
    eightzero said:
    Court filings in 3...2...1...

    Apple doesn't force you to run MacOS on their hardware, nor do they prevent you from running alternatives.

    They also don't force you to run only the newest version of macOS either

    Plus, the whole notarization process is more like a cloud-based antivirus than App Store approval

    https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution
    I expect just this in the responsive pleading. 
  • Reply 9 of 35
    I think it is pretty clear that software that is signed with a developer ID (which is most of the software out there really) has to be notarized as well. I think that is fairly reasonable as the developers are going through the trouble with the ID anyway and it does add an extra layer of protection I guess.

    The real question in my opinion is if software without the signature with a developer ID can still run on macOS by bypassing Gatekeeper (right click, open). If that is closed down we have a problem and there will be a very low adoption rate.
  • Reply 10 of 35
    javacowboy Posts: 864 member
    How will this impact open source software, homebrew, etc?
  • Reply 11 of 35
    sirozha Posts: 801 member
    pigybank said:
    I hope there’s a way to manually override it.  I don’t want Apple deciding what I can or cannot run on my Mac. 
    The article explains that notarization means that if developer X makes an app that you want to install, that your Mac will verify that the app you are installing is indeed from developer X..

    So, your reaction to that is 'I hope I can override it'... i.o.w. you want to be able to install an app that pretends it is from developer X but in fact isn't?  Yeah, I can definitely see how that would be useful..

    ¯\_(ツ)_/¯ 
    If you don’t understand how this would be useful you are not a power user. I use software written by so many entities, and some of them no longer update the software. The new macOS would make my life a complete hell trying to chase every developer to see if they would release a new version authenticated by Apple. A percentage of the software will not be able to run on the new macOS at all. You know what that means? For the first time in my life I will not be upgrading to the new macOS. 
    edited June 2019
  • Reply 12 of 35
    If we can't load an app without Apple's approval then this is terrible news and a reason for people to not upgrade. Here are three reasons.

    1. We already have a working precedent.
    Some may argue that a decade long precedent with iOS (and later WatchOS devices) means that this is normal and acceptable.

    However, we shouldn’t forget how controversial the ‘Walled Garden’ approach established with iOS was at the time. We were told it was justified because iOS and WatchOS devices need extra protection so that they can perform at all times - especially in critical moments. We were also told that kids needed protection when they used phones. We trusted Apple on the first argument but the second argument was always specious because mobile devices have unfettered access to the internet. 

    But the first argument doesn't apply to our laptops and desktops. The real precedent is that we’ve already learned to use these devices over many decades. In a world where malicious actors phish and send trojan code, Apple's 'right click' override was an acceptable compromise. This approach balanced the freedoms we need in a dangerous digital world.

    2. Apple shouldn't have this power.
    We shouldn't be in a position where people all over the world have to trust a single CEO of a single company located in a single country of the world with what we load onto our computers. I’m not a US citizen. Why should I trust a foreign national to determine my computing needs? It’s entirely unacceptable! And Apple has already shown a willingness to ban apps for ideological reasons. See here


    They were wrong to do this in the past and we shouldn't trust them or any other company with this extraordinary power. And it is extraordinary. Let no one say otherwise. There is growing pressure on free speech all around the world and it's coming from both the extreme left and the extreme right. Each side wants to shut down the opportunity to hear ideas they don't like. Truly pluralistic and tolerant cultures allow people to say things that not everyone likes.

    3. It's impractical
    As has already been noted by @Sirozha, no computer user should be in a situation where they need to wait for Apple to approve of an application they want to use. It doesn't need much imagination to think of all kinds of scenarios where this could be much more than annoying. It could be mission critical - the very argument Apple made with iOS for needing their walled garden.
  • Reply 13 of 35
    michelb76 Posts: 618 member
    How will this impact open source software, homebrew, etc?
    Homebrew and other unix utilities are not 'Mac apps, installer packages, and kernel extensions' so they should work just fine.
  • Reply 14 of 35
    Soli Posts: 10,035 member
    Not unexpected, but that's a lot of whining over something small. If you don't want to have your app notarized then don't sign it.

  • Reply 15 of 35
    ouy97778 Posts: 2 member
    Soli said:
    Not unexpected, but that's a lot of whining over something small. If you don't want to have your app notarized then don't sign it.

    Do you know for a fact that unsigned apps do not need to be notarized? It seems like it but I haven't seen any confirmation of this.

    Also there are a lot of applications that are signed out there that will not work unless the developer decides to get it notarized and publish a new release.

    I hope there is some kind of defaults override for users who know what they are doing.
  • Reply 16 of 35
    sirozha said:
    If you don’t understand how this would be useful you are not a power user. I use software written by so many entities, and some of them no longer update the software. The new macOS would make my life a complete hell trying to chase every developer to see if they would release a new version authenticated by Apple. A percentage of the software will not be able to run on the new macOS at all. You know what that means? For the first time in my life I will not be upgrading to the new macOS. 

    If you have the app installed already you will not be affected obviously and the developers will only bring out a new version when they comply, and if they no longer support the app it is not even an issue, so your routine does not have to change..  

    Only thing prevented is that you install an app that tries to trick you into believing it is from a trusted developer even though it isn't..
  • Reply 17 of 35
    knowitall Posts: 1,648 member
    pigybank said:
    I hope there’s a way to manually override it.  I don’t want Apple deciding what I can or cannot run on my Mac. 
    The article explains that notarization means that if developer X makes an app that you want to install, that your Mac will verify that the app you are installing is indeed from developer X..

    So, your reaction to that is 'I hope I can override it'... i.o.w. you want to be able to install an app that pretends it is from developer X but in fact isn't?  Yeah, I can definitely see how that would be useful..

    ¯\_(ツ)_/¯ 
    Your logic is failing: not signing doesn't exclude kosher apps.
  • Reply 18 of 35
    majorsl Posts: 119 unconfirmed, member
    michelb76 said:
    How will this impact open source software, homebrew, etc?
    Homebrew and other unix utilities are not 'Mac apps, installer packages, and kernel extensions' so they should work just fine.
    There are plenty of Open Source Software examples that are indeed Apps and some use Installer Packages.  Many in the hard sciences are not commercial products, but are released by researchers, universities and the community at large.  That's just an example of one segment.
  • Reply 19 of 35
    razorpit Posts: 1,796 member
    Apple doesn't force you to run MacOS on their hardware....
    No but they sure as hell nag the sh*t out of you until you do.
  • Reply 20 of 35
    razorpit Posts: 1,796 member
    So what happens to apps like MakeMKV? I can't imagine Apple issuing the creators of that software a certificate. What happens when Plex becomes too much of a competitor? What happens when Apple decides DiskWarrior is no longer needed and could cause more harm than good? 